Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble


  • Content Count

  • Joined

  • Last visited

Community Reputation

2 Neutral

About Zuitana

  • Rank
    La Dimenian
  • Birthday 05/19/1986

In-Game Information

  • Hunter's Name
  • Guildcard

Profile Information

  • Gender
  • Location
    Finland, helsinki.
  • Interests
    do you really want 2 know?

Contact Methods

  • Discord

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. the battle continues, with an infected dashost.exe sitting in windows/WinSys at 94 kt, and me shotgunning down any and all connections, and trying 2 download windows updates that would fix the rogue file. currently typing this on my laptop from a phone connected usb connection. im not enjoying this time at all, my laptops discord is 100% hijacked as process, and i can't re-establish control over it. although, i can fully monitor it on my phone.
  2. And after finally gaining access 2 task manager i was greeted by a windowskeskeytys process translating as windowsprevention using up 100% of the processor. Big surpise there. It almost immediately went down significantly and 2 2.3% and keeps bouncing around task manager, in order 2 prevent itself from being shutdown. System was also there, operating ntosknl, which when attempting deletion requires our old friend, yup! You guessed it, TrustedInstaller. When looking at other suspect files, i noticed 3 com surrogates running from dllhost. Upon deletion? TrustedInstaller.
  3. And since whoever was responisble knew that there is absolutely nothing more it can do, it had significantly slowed down my cheap shit laptop, and tries hiding the folder in winsys where it's hidden, so that comodo can't quarantine it again. And now when trying 2 be deleted, it pretends 2 need that requires admin priviledges, of SYSTEM despite me being the admin with no other users present.
  4. After cutting lose it's remaining life lines of the infected dasmhost.exe after i read online on how 2 dispose of it, and it once again in last ditch effort cuts my internet access upon realizing that im updating Windows. Fortunately, 1 update got past the download phase and is trying 2 install itself. I will keep you guys posted on the situation as it continues developing.
  5. Oh look, downloading a program that would supposedly fix my dasmhost.exe, smuggled in dasmhost.exe onto laptop after it snuck onboard after being transferred from my phone. And instead of being in system32 folder, whoever tried reasserting control knew that the jig was up, and in desperation tried hiding it in the c:/windows/WinSxS/amd64_micrsoft_windoews-o...(it gets cut off in the search bar afterward, thanks windows 10) was up 2 it's old tricks by inserting an inbound system connection, several scvhost.exe files running and trying 2 access culauncher.exe which is the control at comodo, in order 2 do more damage.
  6. The very fact that i was lying, or not trying get Access would be counterproductive at best, and worst would entirely undermine my entire threads existence, extensive details, evidence, analysis, speculation and effort in problem solving. It just wouldn't logically make any sense, unless it was it was a really bad prank. Which it isn't, as im not even that type of person.
  7. Yet, what would i have gain instead of playing on a pso server, which is something i'd rather do?
  8. Well, after a long and drawn out battle, i finally found the culprit: dasmhost.exe, at 93.5kt (that's the finland version known as kilotavu), and it had asserted complete dominance over the system, and after the battle was over, repeatedly tried messing with my internet, while using a system through an igmp connection, whatever that is, and trying 2 maintain control with multiple scvhost.exe files running. At that point i had enough, and promptly handed comodo an arrest warrant, and dasmhost.exe was promptly arrested, taken into custody, and trialed, which was a show trial, and permanently placed into quarantine, as killing via deletion required permission from trusted installer, despite being a Microsoft Windows service product. Afterword, i was free once again, but my laptops internet no longer functions.
  9. Well lads,i think i finally figured it out. looks like someone kept messing with comodos auto-contaiment, and used it 2 make a containment procedure that the all applications and set them as malicious, and were 2 be blocked. that would explain why the connections were never allowed, as ephinias client got me 2 my ban message as soon as it was removed. so, i promptly changed the password on the settings, 4 all the good that it will do me. some interloper keeps accessing my cheap sh*t laptop as either an inbound or outbound connection, using either ip, tcp or udp 2 access it. the rulesets that i put in place 2 detect it's entry was fully wiped as well, which made me do a lot of work setting up a minefield. it wasn't fun. i should be able 2 access the server now, just need 2 test it.
  10. or that the distant host name is unable 2 be figured out
  11. well, i went 2 my comodo's firewall settings, and turned it off. then got treated with this message afteword. http://www.mediafire.com/view/k3odfgoj6la8fdn/you try figuring this shit out..png# from what i can understand, the files.txt is missing on the update server side, and refuses my connection.
  12. *sigh* the patch server just doesn't like me anymore. im going 2 check my faithful watchdog, comodo, and turn it off if turns up 2 c if that's causing it or not.
  13. and cause the launcher was updated, i made a false assumption, and after digging up that link, it buries up the evidence. and before anyone asks, here's the source where i found it. that would have been very helpful 2 know btw, yet nobody pinpointed that issue.
  14. and cause of this link below, i can't prove that the id registered does not exist error exists. you wanna know why? cause print screen doesn't actually save a screenshot during login. https://www.phantasystaronline.net/forum/index.php?/account-management/account-recovery/ why is that you may ask? cause the account was fixed with that link several hours back, meaning i can no longer backtrace the issue. otherwise i would provide evidence on it, just like everything else.
  15. the link is stupid easy 2 obtain, just click left click the link itself, and select copy link destination. as 4 the installation, it's literally dumped 2 the default location: the c:/ultima PSOBB. i have not messed aroud with it.
  • Create New...